Total
29750 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2961 | 1 Prozilla | 1 Prozilla Download Accelerator | 2025-04-03 | N/A |
| Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag. | ||||
| CVE-2005-2962 | 1 Ntlmaps | 1 Ntlmaps | 2025-04-03 | N/A |
| The post-installation script for ntlmaps before 0.9.9 sets world-readable permissions for the configuration file, which allows local users to obtain the username and password. | ||||
| CVE-2005-2963 | 1 Mod Auth Shadow | 1 Mod Auth Shadow | 2025-04-03 | N/A |
| The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions. | ||||
| CVE-2005-2964 | 1 Abisource | 1 Community Abiword | 2025-04-03 | N/A |
| Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism. | ||||
| CVE-2005-2966 | 1 Dia | 1 Dia | 2025-04-03 | N/A |
| The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file. | ||||
| CVE-2005-2967 | 1 Xine | 1 Xine-lib | 2025-04-03 | N/A |
| Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD. | ||||
| CVE-2005-2997 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2025-04-03 | N/A |
| Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in (1) the currentdir parameter to txt.php, or the current_dir parameter to (2) htm.php or (3) html.php. | ||||
| CVE-2005-2998 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2025-04-03 | N/A |
| PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files. | ||||
| CVE-2005-2999 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2025-04-03 | N/A |
| PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain sensitive PHP configuration information via a direct request to test.php. | ||||
| CVE-2005-3000 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php in PHP Advanced Transfer Manager 1.30 allow remote attackers to inject arbitrary web script or HTML via the (1) font, (2) normalfontcolor, or (3) mess[31] parameters. | ||||
| CVE-2005-3001 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | ||||
| CVE-2005-3002 | 1 Xclusive-software | 1 Mccs | 2025-04-03 | N/A |
| Multi-Computer Control System (MCCS) 1.0 allows remote attackers to cause a denial of service via a malformed UDP packet. | ||||
| CVE-2005-3003 | 1 Noosoftware | 1 Nootoplist | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in NooTopList 1.0.0 release 17 allows remote attackers to execute arbitrary SQL commands via the (1) o or (2) sort parameters. | ||||
| CVE-2005-3060 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors. | ||||
| CVE-2005-3080 | 1 Geshi | 1 Geshi | 2025-04-03 | N/A |
| contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to read arbitrary files via the language field without a source field set. | ||||
| CVE-2005-3073 | 1 Interchange Development Group | 1 Interchange | 2025-04-03 | N/A |
| Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, 5.0 before 5.0.2, and 5.2, when a catalog has been created using the (1) "mike", (2) "standard", or (3) "foundation" demo, allows attackers to inject Interchange Tag Language (ITL) elements into the forum/submit.html page. | ||||
| CVE-2005-3074 | 1 Rsyslog | 1 Rsyslogd | 2025-04-03 | N/A |
| SQL injection vulnerability in rsyslogd in RSyslog before 1.0.1 and before 1.10.1 allows remote attackers to execute arbitrary SQL commands via crafted syslog messages. | ||||
| CVE-2005-3075 | 1 Mpc-donkey | 1 Zengaia | 2025-04-03 | N/A |
| SQL injection vulnerability in Zengaia before 0.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2005-3076 | 1 Simplog | 1 Simplog | 2025-04-03 | N/A |
| Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL commands or trigger SQL error messages via invalid (1) pid, (2) blogid, (3) cid, or (4) m parameters to archive.php, or the (5) blogid parameter to blogadmin.php. | ||||
| CVE-2005-3078 | 1 Punbb | 1 Punbb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the "forgotten e-mail" feature. | ||||